Provide docs on generic CloudEvent & Key Vault secret job (#2)

tomkerkhove · web-flow · commit cce3c9898390 · 2020-01-20T18:02:07.000+01:00
* Provide docs on generic CloudEvent &amp; Key Vault secret job

Signed-off-by: Tom Kerkhove &lt;kerkhove.tom@gmail.com&gt;

* Configuration on Netlify works

* Change title
diff --git a/docs/features/cloudevent/receive-cloudevents-job.md b/docs/features/cloudevent/receive-cloudevents-job.md
@@ -0,0 +1,43 @@
+---
+title: "Securely Receive CloudEvents"
+layout: default
+---
+
+# Securely Receive CloudEvents
+
+The `Arcus.BackgroundJobs` library provides a collection of background jobs to securely receive [CloudEvents](https://github.com/cloudevents/spec).
+This allows workloads to asynchronously process event from other components without exposing a public endpoint.
+
+## How does it work?
+
+An Azure Service Bus Topic resource is required to receive CloudEvents on. CloudEvent messages on this Topic will be processed by a background job.
+
+You can write your own background job(s) by deriving from `CloudEventBackgroundJob` which already takes care of topic subscription creation/deletion on start/stop of the job.
+
+## Usage
+
+You can easily implement your own job by implementing the `ProcessMessageAsync` method to prcocess new CloudEvents.
+
+```csharp
+public class MyBackgroundJob : CloudEventBackgroundJob
+{
+    public MyBackgroundJob(
+        IConfiguration configuration,
+        IServiceProvider serviceProvider,
+        ILogger<CloudEventBackgroundJob> logger) : base(configuration, serviceProvider, logger)
+    {
+
+    }
+
+    protected override async Task ProcessMessageAsync(
+        CloudEvent message,
+        AzureServiceBusMessageContext messageContext,
+        MessageCorrelationInfo correlationInfo,
+        CancellationToken cancellationToken)
+        {
+            // Process the CloudEvent message...
+    }
+}
+```
+
+[&larr; back](/)
diff --git a/docs/features/security/auto-invalidate-secrets.md b/docs/features/security/auto-invalidate-secrets.md
@@ -0,0 +1,43 @@
+---
+title: "Automatically Invalidate Azure Key Vault Secrets"
+layout: default
+---
+
+# Automatically Invalidate Azure Key Vault Secrets
+
+The `Arcus.WebApi.Jobs` library provides a background job to automatically invalidate cached Azure Key Vault secrets from an `ICachedSecretProvider` instance of your choice.
+
+## How does it work?
+
+This automation works by subscribing on the `SecretNewVersionCreated` event of an Azure Key Vault resource and placing those events on a Azure Service Bus Topic; which we process in our background job.
+
+To make this automation opperational, following Azure Resources has to be used:
+* Azure Key Vault instance
+* Azure Service Bus Topic
+* Azure Event Grid subscription for `SecretNewVersionCreated` events that are sent to the Azure Service Bus Topic
+
+## Usage
+
+Our background job has to be configured in `ConfigureServices` method:
+
+```csharp
+public void ConfigureServices(IServiceCollection services)
+{
+    // An 'ISecretProvider' implementation (see: https://security.arcus-azure.net/) to access the Azure Service Bus Topic resource;
+    //     this will get the 'serviceBusTopicConnectionStringSecretKey' string (configured below) and has to retrieve the connection string for the topic.
+    services.AddSingleton<ISecretProvider>(serviceProvider => ...);
+
+    // An `ICachedSecretProvider` implementation which secret keys will automatically be invalidated.
+    services.AddSingleton<ICachedSecretProvider>(serviceProvider => new CachedSecretProvider(mySecretProvider));
+
+    services.AddAutoInvalidateKeyVaultSecretBackgroundJob(
+        // Prefix of the Azure Service Bus Topic subscription;
+        //    this allows the background jobs to support applications that are running multiple instances, processing the same type of events, without conflicting subscription names.
+        subscriptionNamePrefix: "MyPrefix"
+
+        // Connection string secret key to a Azure Service Bus Topic.
+        serviceBusTopicConnectionStringSecretKey: "MySecretKeyToServiceBusTopicConnectionString");
+}
+```
+
+[&larr; back](/)
diff --git a/docs/index.md b/docs/index.md
@@ -6,9 +6,24 @@ redirect_from:
  - /index.html
 ---
 
+[![NuGet Badge](https://buildstats.info/nuget/Arcus.BackgroundJobs?includePreReleases=true)](https://www.nuget.org/packages/Arcus.BackgroundJobs/)
+
 # Installation
 
-Coming soon!
+The Arcus.BackgroundJobs can be installed via NuGet:
+
+```shell
+PM > Install-Package Arcus.BackgroundJobs
+```
+
+For more granular packages we recommend reading the documentation.
+
+# Features
+
+- **General**
+    - [Securely Receive CloudEvents](features/cloudevent/receive-cloudevents-job)
+- **Security**
+    - [Automatically invalidate cached secrets from Azure Key Vault](features/security/auto-invalidate-secrets)
 
 # License
 This is licensed under The MIT License (MIT). Which means that you can use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the web application. But you always need to state that Codit is the original author of this web application.
